CVE-2015-8509 : Template.pm in Bugzilla 2.x, 3.x, and 4.x before 4.2.16, 4.3.x and 4.4.x before

Template.pm in Bugzilla 2.x, 3.x, and 4.x before 4.2.16, 4.3.x and 4.4.x before 4.4.11, and 4.5.x and 5.0.x before 5.0.2 does not properly construct CSV files, which allows remote attackers to obtain sensitive information by leveraging a web browser that interprets CSV data as JavaScript code.

Published 2016-01-03 05:59:12

Updated 2025-04-12 10:46:41

Source Mozilla Corporation

View at NVD, CVE.org

Products affected by CVE-2015-8509

Mozilla » Bugzilla » Version: 2.8
cpe:2.3:a:mozilla:bugzilla:2.8:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 2.4
cpe:2.3:a:mozilla:bugzilla:2.4:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 2.6
cpe:2.3:a:mozilla:bugzilla:2.6:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 2.10
cpe:2.3:a:mozilla:bugzilla:2.10:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 2.12
cpe:2.3:a:mozilla:bugzilla:2.12:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 2.14
cpe:2.3:a:mozilla:bugzilla:2.14:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 2.14.1
cpe:2.3:a:mozilla:bugzilla:2.14.1:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 2.16
cpe:2.3:a:mozilla:bugzilla:2.16:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 2.14.2
cpe:2.3:a:mozilla:bugzilla:2.14.2:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 2.14.3
cpe:2.3:a:mozilla:bugzilla:2.14.3:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 2.14.4
cpe:2.3:a:mozilla:bugzilla:2.14.4:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 2.14.5
cpe:2.3:a:mozilla:bugzilla:2.14.5:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 2.16.5
cpe:2.3:a:mozilla:bugzilla:2.16.5:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 2.16.6
cpe:2.3:a:mozilla:bugzilla:2.16.6:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 2.16.2
cpe:2.3:a:mozilla:bugzilla:2.16.2:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 2.16.3
cpe:2.3:a:mozilla:bugzilla:2.16.3:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 2.16.4
cpe:2.3:a:mozilla:bugzilla:2.16.4:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 2.16.10
cpe:2.3:a:mozilla:bugzilla:2.16.10:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 2.16.11
cpe:2.3:a:mozilla:bugzilla:2.16.11:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 2.16.9
cpe:2.3:a:mozilla:bugzilla:2.16.9:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 2.16.1
cpe:2.3:a:mozilla:bugzilla:2.16.1:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 2.16.7
cpe:2.3:a:mozilla:bugzilla:2.16.7:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 2.16.8
cpe:2.3:a:mozilla:bugzilla:2.16.8:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 2.18
cpe:2.3:a:mozilla:bugzilla:2.18:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 2.18.1
cpe:2.3:a:mozilla:bugzilla:2.18.1:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 2.18.2
cpe:2.3:a:mozilla:bugzilla:2.18.2:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 2.18.3
cpe:2.3:a:mozilla:bugzilla:2.18.3:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 2.18.4
cpe:2.3:a:mozilla:bugzilla:2.18.4:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 2.20
cpe:2.3:a:mozilla:bugzilla:2.20:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 2.18.5
cpe:2.3:a:mozilla:bugzilla:2.18.5:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 2.22
cpe:2.3:a:mozilla:bugzilla:2.22:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 2.20.1
cpe:2.3:a:mozilla:bugzilla:2.20.1:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 2.20.2
cpe:2.3:a:mozilla:bugzilla:2.20.2:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 2.22.1
cpe:2.3:a:mozilla:bugzilla:2.22.1:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 2.20.3
cpe:2.3:a:mozilla:bugzilla:2.20.3:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 2.22.2
cpe:2.3:a:mozilla:bugzilla:2.22.2:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 3.0.1
cpe:2.3:a:mozilla:bugzilla:3.0.1:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 3.0.3
cpe:2.3:a:mozilla:bugzilla:3.0.3:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 3.0.4
cpe:2.3:a:mozilla:bugzilla:3.0.4:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 2.20.4
cpe:2.3:a:mozilla:bugzilla:2.20.4:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 2.20.5
cpe:2.3:a:mozilla:bugzilla:2.20.5:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 2.18.6
cpe:2.3:a:mozilla:bugzilla:2.18.6:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 2.20.6
cpe:2.3:a:mozilla:bugzilla:2.20.6:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 2.22.3
cpe:2.3:a:mozilla:bugzilla:2.22.3:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 2.22.4
cpe:2.3:a:mozilla:bugzilla:2.22.4:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 3.0.2
cpe:2.3:a:mozilla:bugzilla:3.0.2:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 3.0.7
cpe:2.3:a:mozilla:bugzilla:3.0.7:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 3.2
cpe:2.3:a:mozilla:bugzilla:3.2:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 3.2.1
cpe:2.3:a:mozilla:bugzilla:3.2.1:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 2.22.6
cpe:2.3:a:mozilla:bugzilla:2.22.6:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 2.22.5
cpe:2.3:a:mozilla:bugzilla:2.22.5:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 3.0.6
cpe:2.3:a:mozilla:bugzilla:3.0.6:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 3.0.5
cpe:2.3:a:mozilla:bugzilla:3.0.5:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 3.0
cpe:2.3:a:mozilla:bugzilla:3.0:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 2.20.7
cpe:2.3:a:mozilla:bugzilla:2.20.7:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 3.2.2
cpe:2.3:a:mozilla:bugzilla:3.2.2:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 3.4
cpe:2.3:a:mozilla:bugzilla:3.4:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 3.4.1
cpe:2.3:a:mozilla:bugzilla:3.4.1:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 3.0.8
cpe:2.3:a:mozilla:bugzilla:3.0.8:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 3.2.4
cpe:2.3:a:mozilla:bugzilla:3.2.4:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 3.2.3
cpe:2.3:a:mozilla:bugzilla:3.2.3:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 3.4.2
cpe:2.3:a:mozilla:bugzilla:3.4.2:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 3.4.3
cpe:2.3:a:mozilla:bugzilla:3.4.3:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 3.0.9
cpe:2.3:a:mozilla:bugzilla:3.0.9:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 2.2
cpe:2.3:a:mozilla:bugzilla:2.2:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 3.2.5
cpe:2.3:a:mozilla:bugzilla:3.2.5:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 2.22.7
cpe:2.3:a:mozilla:bugzilla:2.22.7:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 2.0
cpe:2.3:a:mozilla:bugzilla:2.0:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 3.6
cpe:2.3:a:mozilla:bugzilla:3.6:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 3.0.10
cpe:2.3:a:mozilla:bugzilla:3.0.10:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 3.2.6
cpe:2.3:a:mozilla:bugzilla:3.2.6:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 3.4.5
cpe:2.3:a:mozilla:bugzilla:3.4.5:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 3.4.6
cpe:2.3:a:mozilla:bugzilla:3.4.6:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 3.0.11
cpe:2.3:a:mozilla:bugzilla:3.0.11:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 3.6.1
cpe:2.3:a:mozilla:bugzilla:3.6.1:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 3.4.7
cpe:2.3:a:mozilla:bugzilla:3.4.7:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 3.2.7
cpe:2.3:a:mozilla:bugzilla:3.2.7:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 3.4.8
cpe:2.3:a:mozilla:bugzilla:3.4.8:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 3.6.2
cpe:2.3:a:mozilla:bugzilla:3.6.2:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 4.0
cpe:2.3:a:mozilla:bugzilla:4.0:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 3.2.8
cpe:2.3:a:mozilla:bugzilla:3.2.8:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 3.4.9
cpe:2.3:a:mozilla:bugzilla:3.4.9:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 3.6.3
cpe:2.3:a:mozilla:bugzilla:3.6.3:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 3.2.9
cpe:2.3:a:mozilla:bugzilla:3.2.9:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 3.4.10
cpe:2.3:a:mozilla:bugzilla:3.4.10:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 3.4.11
cpe:2.3:a:mozilla:bugzilla:3.4.11:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 3.2.10
cpe:2.3:a:mozilla:bugzilla:3.2.10:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 3.6.4
cpe:2.3:a:mozilla:bugzilla:3.6.4:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 3.6.5
cpe:2.3:a:mozilla:bugzilla:3.6.5:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 4.0.1
cpe:2.3:a:mozilla:bugzilla:4.0.1:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 3.4.12
cpe:2.3:a:mozilla:bugzilla:3.4.12:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 4.0.2
cpe:2.3:a:mozilla:bugzilla:4.0.2:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 3.6.6
cpe:2.3:a:mozilla:bugzilla:3.6.6:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 3.6.7
cpe:2.3:a:mozilla:bugzilla:3.6.7:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 4.0.3
cpe:2.3:a:mozilla:bugzilla:4.0.3:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 3.4.13
cpe:2.3:a:mozilla:bugzilla:3.4.13:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 4.0.4
cpe:2.3:a:mozilla:bugzilla:4.0.4:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 4.0.5
cpe:2.3:a:mozilla:bugzilla:4.0.5:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 3.6.8
cpe:2.3:a:mozilla:bugzilla:3.6.8:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 4.2
cpe:2.3:a:mozilla:bugzilla:4.2:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 4.2.1
cpe:2.3:a:mozilla:bugzilla:4.2.1:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 3.6.9
cpe:2.3:a:mozilla:bugzilla:3.6.9:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 4.0.6
cpe:2.3:a:mozilla:bugzilla:4.0.6:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 3.6.10
cpe:2.3:a:mozilla:bugzilla:3.6.10:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 4.0.7
cpe:2.3:a:mozilla:bugzilla:4.0.7:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 4.2.2
cpe:2.3:a:mozilla:bugzilla:4.2.2:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 4.2.3
cpe:2.3:a:mozilla:bugzilla:4.2.3:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 4.0.8
cpe:2.3:a:mozilla:bugzilla:4.0.8:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 3.6.11
cpe:2.3:a:mozilla:bugzilla:3.6.11:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 4.0.9
cpe:2.3:a:mozilla:bugzilla:4.0.9:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 4.2.4
cpe:2.3:a:mozilla:bugzilla:4.2.4:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 4.4
cpe:2.3:a:mozilla:bugzilla:4.4:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 3.6.12
cpe:2.3:a:mozilla:bugzilla:3.6.12:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 3.6.13
cpe:2.3:a:mozilla:bugzilla:3.6.13:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 4.0.10
cpe:2.3:a:mozilla:bugzilla:4.0.10:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 4.2.5
cpe:2.3:a:mozilla:bugzilla:4.2.5:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 4.2.6
cpe:2.3:a:mozilla:bugzilla:4.2.6:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 4.2.7
cpe:2.3:a:mozilla:bugzilla:4.2.7:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 4.4.4
cpe:2.3:a:mozilla:bugzilla:4.4.4:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 4.4.1
cpe:2.3:a:mozilla:bugzilla:4.4.1:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 4.4.2
cpe:2.3:a:mozilla:bugzilla:4.4.2:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 4.2.8
cpe:2.3:a:mozilla:bugzilla:4.2.8:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 4.2.9
cpe:2.3:a:mozilla:bugzilla:4.2.9:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 4.0.13
cpe:2.3:a:mozilla:bugzilla:4.0.13:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 4.4.3
cpe:2.3:a:mozilla:bugzilla:4.4.3:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 4.0.12
cpe:2.3:a:mozilla:bugzilla:4.0.12:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 4.0.11
cpe:2.3:a:mozilla:bugzilla:4.0.11:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 4.4.5
cpe:2.3:a:mozilla:bugzilla:4.4.5:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 4.2.10
cpe:2.3:a:mozilla:bugzilla:4.2.10:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 4.0.14
cpe:2.3:a:mozilla:bugzilla:4.0.14:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 4.4.6
cpe:2.3:a:mozilla:bugzilla:4.4.6:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 4.2.11
cpe:2.3:a:mozilla:bugzilla:4.2.11:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 4.2.14
cpe:2.3:a:mozilla:bugzilla:4.2.14:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 5.0
cpe:2.3:a:mozilla:bugzilla:5.0:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 4.0.16
cpe:2.3:a:mozilla:bugzilla:4.0.16:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 4.4.7
cpe:2.3:a:mozilla:bugzilla:4.4.7:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 4.2.12
cpe:2.3:a:mozilla:bugzilla:4.2.12:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 4.2.13
cpe:2.3:a:mozilla:bugzilla:4.2.13:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 4.4.8
cpe:2.3:a:mozilla:bugzilla:4.4.8:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 4.4.9
cpe:2.3:a:mozilla:bugzilla:4.4.9:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 4.0.17
cpe:2.3:a:mozilla:bugzilla:4.0.17:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 4.4.10
cpe:2.3:a:mozilla:bugzilla:4.4.10:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 5.0.1
cpe:2.3:a:mozilla:bugzilla:5.0.1:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 4.0.15
cpe:2.3:a:mozilla:bugzilla:4.0.15:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 4.2.15
cpe:2.3:a:mozilla:bugzilla:4.2.15:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 4.0.18
cpe:2.3:a:mozilla:bugzilla:4.0.18:*:*:*:*:*:*:*
Matching versions
Mozilla » Bugzilla » Version: 3.4.14
cpe:2.3:a:mozilla:bugzilla:3.4.14:*:*:*:*:*:*:*
Matching versions

Threat overview for CVE-2015-8509

Top countries where our scanners detected CVE-2015-8509

Top open port discovered on systems with this issue 22

IPs affected by CVE-2015-8509 11

Threat actors abusing to this issue? Yes

Find out if you^* are affected by CVE-2015-8509!

^*Directly or indirectly through your vendors, service providers and 3rd parties. Powered by attack surface intelligence from SecurityScorecard.

Exploit prediction scoring system (EPSS) score for CVE-2015-8509

EPSS FAQ

0.16%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 33 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2015-8509

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
4.3	MEDIUM	AV:N/AC:M/Au:N/C:P/I:N/A:N	8.6	2.9	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None
3.5	LOW	CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N	2.1	1.4	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: Low User Interaction: Required Scope: Unchanged Confidentiality: Low Integrity: None Availability: None

CWE ids for CVE-2015-8509

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2015-8509

http://www.securityfocus.com/bid/79662

Bugzilla CVE-2015-8509 Information Disclosure Vulnerability
https://bugzilla.mozilla.org/show_bug.cgi?id=1232785

1232785 - (CVE-2015-8509) [SECURITY] Buglists in CSV format can be parsed as valid javascript in some browsers
Exploit;Vendor Advisory
https://www.bugzilla.org/security/4.2.15/

5.0.1, 4.4.10, and 4.2.15 Security Advisory :: Bugzilla :: bugzilla.org

CVEs referencing this url
http://packetstormsecurity.com/files/135048/Bugzilla-Cross-Site-Scripting-Information-Leak.html

Bugzilla Cross Site Scripting / Information Leak ≈ Packet Storm

CVEs referencing this url
http://seclists.org/bugtraq/2015/Dec/131

Bugtraq: Security advisory for Bugzilla 5.0.2, 4.4.11 and 4.2.16

CVEs referencing this url
http://www.securitytracker.com/id/1034556

Bugzilla Lets Remote Users Obtain Potentially Sensitive Information and Conduct Cross-Site Scripting Attacks - SecurityTracker

CVEs referencing this url